###

计算机系统应用英文版:2022,31(2):366-375

View/Add Comment 过刊浏览高级检索 HTML

←前一篇 | 后一篇→

码上扫一扫！

下载全文

基于事实所有权的RPKI缓存更新冲突检测机制

肖文龙^1,2, 马迪^1,2,3, 毛伟^2,3, 邵晴³

(1.中国科学院计算机网络信息中心, 北京 100190;2.中国科学院大学, 北京 100049;3.互联网域名系统国家地方联合工程研究中心, 北京, 100190)

Fact Ownership-based Conflict Detection Scheme for RPKI Cache Update

XIAO Wen-Long^1,2, MA Di^1,2,3, MAO Wei^2,3, SHAO Qing³

(1.Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China;2.University of Chinese Academy of Sciences, Beijing 100049, China;3.Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China)

摘要

图/表

参考文献

相似文献

本文已被：浏览 646次下载 1220次
Received:April 19, 2021 Revised:May 19, 2021

中文摘要: 随着RPKI覆盖的域间网络的范围不断扩大, RPKI在实际部署中的数据同步一致性的问题, 运维失误和权威机构权力滥用的风险已成为影响RPKI全面部署的主要障碍. 本文提出了一种基于事实所有权的RPKI缓存更新冲突检测机制. 该机制利用反向RTR协议与RPKI数据层级分发架构进行事实路由起源信息的采集与同步, 并通过比较事实路由起源信息与RPKI缓存更新数据检测出冲突的RPKI缓存更新数据, 保护了RPKI缓存的真实有效. 最后, 本文就该机制的数据同步时间效率和检测性能同其他方案进行了对比, 实验结果表明本方案有一定的检出优势.

中文关键词: 资源公钥基础设施事实所有权路由起源信息冲突检测缓存更新

Abstract:As the resource public key infrastructure (RPKI) coverage of the inter-domain network expands, the consistency of RPKI data synchronization in the actual deployment, the risk of operational errors and abuse of authority power have become major obstacles to the full deployment of RPKI. This study presents a scheme for detecting conflicts of updating RPKI cache based on fact ownership of route origin. This scheme uses reverse RTR protocol and multi-layer transmission architecture of RPKI data to collect and synchronize fact route origin information. Then, it compares fact route origin information and RPKI cache update data to detect conflicting data of RPKI cache update, which ensures authenticity and effectiveness of RPKI cache. Finally, the data synchronization efficiency and detection performance of this scheme are compared with those of other schemes. The experimental results show that this scheme has some detection advantages.

keywords: resource public key infrastructure (RPKI) fact ownership route origin information conflict detection cache update

文章编号： 中图分类号： 文献标志码：

基金项目:

引用文本：
肖文龙,马迪,毛伟,邵晴.基于事实所有权的RPKI缓存更新冲突检测机制.计算机系统应用,2022,31(2):366-375
XIAO Wen-Long,MA Di,MAO Wei,SHAO Qing.Fact Ownership-based Conflict Detection Scheme for RPKI Cache Update.COMPUTER SYSTEMS APPLICATIONS,2022,31(2):366-375

Author Name	Affiliation	E-mail
XIAO Wen-Long	Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China University of Chinese Academy of Sciences, Beijing 100049, China	xwl0012@163.com
MA Di	Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China University of Chinese Academy of Sciences, Beijing 100049, China Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China
MAO Wei	University of Chinese Academy of Sciences, Beijing 100049, China Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China
SHAO Qing	Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China

Author Name	Affiliation	E-mail
XIAO Wen-Long	Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China University of Chinese Academy of Sciences, Beijing 100049, China	xwl0012@163.com
MA Di	Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China University of Chinese Academy of Sciences, Beijing 100049, China Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China
MAO Wei	University of Chinese Academy of Sciences, Beijing 100049, China Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China
SHAO Qing	Internet Domain Name System Beijing Engineering Research Center, Beijing 100190, China